>> Privacy – Platform
<> Switch to: Privacy – Website
Last change: 02.03.2022
1. General Information
Virtual Minds GmbH, a company of the ProSiebenSat1 Group, offers technologies that enable advertisers to deliver target-group oriented digital ads.
The controller responsible for data collection and processing is:
Virtual Minds GmbH
D-79106 Freiburg im Breisgau
You can reach our data protection officer at
Attorney Daniel Raimer
Kanzlei Daniel Raimer
Phone: 0211 4167 4600
3. Information relating to the collection and processing of data through our products
3.1 What kind of products do we offer?
We help our customers to understand which of their offers are actually of interest to which users, in order to improve the offers and gain information that enables a target group-oriented and relevant addressing of potential end customers. We help our customers to better understand their users by compiling information about them and on this basis enable target group-specific or user-oriented advertising.
3.2 How do we collect data?
Cookies allow us to recognize your device when you visit other digital resources, which also include one of our products, by assigning a random number to your device.
The Cookies we use can only be read and used by us. The same applies to other providers with comparable or supplementary services to ours. When cooperating with these providers, it is advantageous if all parties involved agree on which user or device certain information refers to. For this reason we match our cookies with those of our partners.
In addition, we offer our customers the opportunity to make data collected during a user’s visit to a website or other digital offer of a customer available for use in our product in order to later advertise to the user according to his interests.
With regard to Cookies, you have a wide range of options, which we explain in more detail under section 4.
3.3 What data does Virtual Minds collect?
We collect and use the following data about you:
- Information about your Internet connection: We collect data on which provider you use or how fast your connection is.
- Information about your browser: We collect information about which browser you use, its version, the language set in the browser, and information about how your browser handles cookies.
- Information about your device: In this regard, we collect information about the operating system used, language settings, the brand of your device, device identification numbers, mobile operating system manufacturer advertising identifiers (IDFA or AAID) and the IP address of the device.
- Information about the website/app you visit: The content of the website/app, the type and nature of the web page, the domain of the web page or name of the app, technical information about the web page including referral URL (i.e. the URL of the web page from which you were referred to a web page) and the date and time of the visit.
- Information about your behaviour on websites: This includes information about the content you viewed, how long you viewed it, and which apps you used.
- Information about advertising materials: We record which adverts you have been shown, whether you have clicked on them or visited the advertiser’s website or downloaded their app.
- Information about your decisions: We also receive information on whether you have been informed about processing activities or whether you have consented to them. We also receive information on whether you have partially or completely objected to the processing and/or whether you would like your Cookie to no longer be used in the future.
- Location information: If you are viewing digital content or advertising on a mobile device, we can collect your exact location if you have enabled the appropriate feature on your mobile phone. Regardless of whether you are using a mobile device or a stationary device, we can obtain your approximate location or postcode area.
Our products allow the exchange of data with other publishers, advertisers or third parties to make ads more relevant.
On behalf of or customers we collect data regarding
- Your age: A non-precise estimate of your age.
- Your gender: A estimate of your gender.
- Your extended internet use behaviour: We record, how you have interacted with the site, which products you have placed in your shopping cart and which products you have purchased.
- Your use history: We record whether you have seen an ad before a purchase or another defined action, how you have interacted with it and whether you have seen other ads before such action.
We do not collect your name, e-mail address or any other information that could be used to directly identify you.
3.4 What this policy does not cover
If you would like to receive more detailed information on the other companies engaged by the website operator and their processing, please contact them directly. If the website operator already supports the IAB TCF 2.0 (see section 3.11 below), you can also obtain much of this information via the CMP used by the website operator (see also section 3.11 below).
3.5 What we use your information for
We use the data described above for the following purposes:
|Store and/or access information on a device||As described above (see section 3.2), we may store Cookies on your device. If such a Cookie already exists, no further Cookie is stored, rather the existing one is read. Both the storing or reading of Cookies and Mobile Identification Numbers serves to identify your device. This enables us to offer advertising inventory for your specific device. In addition, we can link information about your device and about you with the unique Cookie or mobile identification number. Information about Cookies is exchanged between the cooperating partners to determine whether two Cookies belong to the same device. This makes it easier for us to coordinate among the various vendors when providing advertising services. This step is necessary because each vendor issues its own unique Cookie and cannot directly access the Cookies of other Vendors (see also section 3.2 above).|
|Basic selection of ads or content||We use your information to provide basic selection mechanisms for displaying ads. For example, this selection is based on content you are viewing, the app you are using, your approximate location, or the type of device you are using. This includes ensuring that you do not see the same ad over and over again. We do this based on information about who else is viewing such content or using the app. These assumptions do not necessarily apply to you.|
|Creation of a personalised ads or content profile||We can create a profile about you and your interests. We refer to this profile as a personalised ads or content profile. It assigns you to certain groups or segments that allow potential conclusions about your interests and preferences. We combine these segments with the Cookies. Segments usually consist of a number of characteristics, such as an interest in sports, linked to a specific region (e.g. Hamburg) and an estimated age range (e.g. 30 – 40 years). The characteristics of the segments can be flexibly adapted and are oriented, among other things, to the advertisers target groups. We do not create segments based on sensitive data, such as health data, political beliefs, sexual identity, religious or philosophical beliefs, racial or ethnic origin or trade union membership. We neither collect nor store such data.|
|Selection of personalised ads or content||Based on the personalised ads or content profile, it can be decided which ad or content shall be displayed to you. If our customers do themselves offer ad inventory, they can pass on this data to aid the decision of the bidders. The aim is always to be able to show you the most personalised, and therefore relevant, ads or content possible. Our customers themselves decide whether they consider their advertising material or content to be relevant.|
|Measure performance||We measure the performance or effectiveness of the ads or content you see or interact with. To do this, we record whether you have seen the ad or content, how long it has been displayed to you, whether you have clicked or otherwise interacted with the ad or content link. These values are important, among other things, so that ADEX customers can ensure that ads or content are in fact displayed and are thus to be remunerated. In addition, for some of our customers we record whether you have made a decision based on an ad. A decision may be signing up for a service, ordering goods/services, or other events defined by our customers. This helps our customers better understand the effectiveness of their advertising efforts. They can also decide to regulate the remuneration of their advertising partners on this basis.|
|Apply market research to generate audience insights||We may use market research data to learn more about the audience that visits pages or apps and sees ads. The data may be used to obtain better or more accurate segments for use in personalised ads or content profiles.|
|Development and improvement of products||We may use your information to improve our existing systems and software and to develop new products.|
|Ensure security, prevent fraud and debug||We may use your information to look for and prevent fraudulent activities. We may also use it to ensure that our systems and processes function properly and securely. For example, we will analyse behaviour of real users in order to distinguish them from computer-generated signals.|
|Technically deliver ads||Your device sends and receives data that allows you to view and interact with content and ads. This means the display of a webpage/app. If you enter a URL, your device sends a request to load the associated web page. A similar signal is generated when you click on a link (this can also be an image) on a web page. We use the same data that allows the operator of the website to show your device the website, so that the right advertising material can be displayed in the right place.|
|Match offline and online data||We may link data collected about you offline with your online data. However, we only do this if there is a legal basis for the collection of offline data and its matching. We may use the linked data to support the other purposes indicated here.|
|Linking different devices||We may use your information to identify different devices as belonging to you or your household. For this purpose, we group Cookies or mobile identification numbers that we believe are used by the same person or within the same household. We use this information so that our customers know better under which Cookies or mobile identification numbers, the same users or users of the same household are addressed. We also use this information to ensure that you do not see certain ads or content too often.|
|Receive and use of automatically-sent device characteristics for identification||We use your data to distinguish your device from other devices. To do this, we use information that your device sends automatically without us requesting it separately. Such data are for example the IP address as well as system and device information.|
|Use of precise geolocation data||We can enable our customers to use precise geolocation data for your device. Precise here means that your location can be accurate to within a few meters. This information is used to display advertisements or content that are of particular relevance to you based on your location.|
3.6 To whom may Virtual Minds pass on your information?
3.6.1 Virtual Minds passes your personal data to third party technology providers, for which we analyse the effectiveness of advertising efforts or to which we provide target group information for addressing ads. A list of these technology providers with further information may be found here. Moreover, we pass your personal data for the same purposes to advertisers, marketers, agencies and market research institutes. For more information about the companies Virtual Minds works with please reach out to firstname.lastname@example.org. The data will only be passed on if we have received the relevant consent or if we can invoke our legitimate interests.
Virtual Minds is a service provider, so we work with partners when processing data. This also includes those partners on whose websites or mobile applications we collect data through the cookies described above. With some of these partners, we are joint controllers within the meaning of data protection law (Art. 26 DSGVO). This joint responsibility generally relates to the collection and transmission of data to us. A current list of those partners with whom we are jointly responsible is available on request.
We and our partners have divided certain tasks and activities among each other within the framework of joint responsibility. The division is as follows:
Virtual Minds provides the partner with a technical solution (here tag) which the partner integrates on its offers. This tag enables the collection of the data described in more detail above. [VM Company] also supports the partner, in particular in the processing of inquiries from affected parties..
Each of the parties shall in particular ensure that the necessary data security is given. Both we and our partner will fulfil our reporting and notification obligations individually, but will support and inform us to the extent necessary.
You can exercise your rights described below as a data subject (Ref.: 3.10) both towards us and towards our partner. We and our partner are liable for any processing that does not comply with the provisions of the GDPR in accordance with Art. 82 GDPR.
Do you have any further questions on the subject of joint responsibility? We would be happy to provide you with further information on our cooperation with certain partners.
3.6.2 We may also disclose your information to governmental authorities, courts or third parties if such disclosure is necessary or appropriate to enforce or defend our claims, interests or rights, or to protect the vital interests of the data subject or another individual.
3.6.3 We may also disclose your information to an acquirer or potential acquirer of our business or parts of our business to the extent that your information is related to the part to be acquired and to the extent necessary to enable the acquirer or potential acquirer to evaluate our business or the part of our business in question. In the event of an acquisition, we may also transfer your data to the acquirer.
3.7 On what legal basis does Virtual Minds process your data?
Virtual Minds always complies with the applicable data protection laws and regulations when processing your data. For some processing operations, our legitimate interests form the basis for the processing.
Other processing operations require your consent. Our respective customers make sure that you have given such consent before we process your data and of course we verify this. Of course, you have the possibility to change your mind and to withdraw your consent, we explain how to do this under section 4.
3.8 How long do we store your data?
We do not store personal data for longer than is necessary for the purpose for which it was collected, unless we are entitled or obliged by law to continue to store it. Information that is not stored in connection with the cookie ID assigned to your device is regularly deleted by us after three days.
The Cookies we use are generally valid for 90 days, after which time they and the data associated with them are deleted. If the Cookie on your device is recognized by us again within this period, the runtime is extended again by 90 days.
3.9 Transfer of your data abroad
The ADEX and its servers are located in Germany. However, some of our Partners and Customers are located outside of the European Union. If we transfer your data to a Partner or a Customer who is based outside of the European Union, we will ensure that data is processed with an appropriate level of protection. To this end, we make use of legally provided and permissible measures, such as an adequacy decision by the European Commission (cf. Art. 45 para. 1 GDPR) for the third country concerned; the use of the European standard contractual clauses (cf. Art. 46 para. 2 c) GDPR) or other effective safeguards provided for in the GDPR.
Standard contractual clauses for the transfer of personal data from the European Union to third countries
3.10 Your rights
It is important to us that you do not lose control over how we handle your data. Under the General Data Protection Regulation (“GDPR”), you have the following rights towards us:
|Right of access (Art. 15 GDPR)||You have the right to receive confirmation from us as to whether we are processing personal data about you. If this is the case, you have a right to information about this data and, where applicable, further information. Please note that we may need your cooperation in order to identify you and respond to your request (Art. 11 para. 2 GDPR).|
|Right to object to processing (Art. 21 GDPR)||You can object to the further processing of your data at any time.|
|Right of rectification (Art. 16 GDPR)||You can request us to correct the personal data stored about you.|
|Right to erasure (Art. 17 GDPR)||Under certain circumstances, you have the right to request us to delete your personal data.|
|Right to restrict processing (Art. 18 GDPR)||You may also have the right to request a restriction of the processing.|
|Right to data portability (Art. 20 GDPR)||If the requirements of Art. 20 GDPR are met, you have the right to receive from us a structured version, stored in a common machine-readable format, of the personal data concerning you.|
|Right to lodge a complaint regarding our processing of your personal data with a data protection supervisory authority (Art. 77 GDPR)||If you believe that our processing of your personal data violates the GDPR, you can lodge a complaint with a supervisory authority.|
|Right to revoke consent||You can withdraw your previously given consent for the processing of your data at any time. In order to make this process as easy as possible for you, you can do this via the following link: Opt-Out For more information about your choices, please see section 4 below.|
3.11 What is the IAB Transparency and Consent Framework (IAB TCF)?
We participate in the IAB TCF. The IAB TCF is a common standard for dealing with transparency obligations and obtaining consent in connection with online advertising. The companies organised in the IAB TCF undertake to comply with standards that go beyond the GDPR. ADEX is registered as a so-called vendor under the IAB TCF. Further information about the IAB TCF can also be obtained from the following link: https://iabeurope.eu/tcf-2-0/. We recommend all our customers to also register with the IAB TCF. If you use a service from a company that is already registered as a Publisher in the IAB TCF, you will benefit as the IAB TCF offers you transparency and control over the use of your personal data.
On a technical level, the latest version of the IAB TCF (currently version 2.0) allows each participating company to understand which processing activities are permissible in individual cases based on the user’s choice.
For you as a user, the IAB TCF means a highly granular freedom of choice. Of course, you can still either agree or disagree with the use of your data in general. In addition, you can precisely understand who will receive your data and for what purposes. Of course, you are free to exclude individual recipients or to limit the purposes for which your data is used individually. Limiting the purposes is only excluded in exceptional cases, such as security-relevant processing activities.
We recommend that you consider the various options available to you under the IAB TCF in order to make a decision that best suits your interests. You will receive more information on these options and how to implement them in the following section.
4. Your choices
It is particularly important to us to enable you to make an informed decision about the use of your data. To this end, we would like to explain the options available to you at a glance. Should you have any questions, especially regarding the options we ourselves offer, please contact us at email@example.com.
However, generally speaking, the following applies: If you delete the cookies stored on your device or update the Mobile Advertising ID (MAID) of your device, all previous choices will be lost. You will then have the opportunity to choose again as soon as a cookie is set again.
Finally, it should be noted that these choices do not mean that you will no longer be displayed ads. However, the ads that are still displayed may be less relevant to you.
4.1 Using the CMP or the settings on the website
As described above, your data is collected when you visit websites or use apps. Those websites that participate in the IAB TCF especially offer you detailed possibilities to influence the processing of your data. For this purpose, these websites usually make use of a third-party provider, a so-called CMP (Consent Management Platform). This CMP clearly shows you your options when you visit a site. The CMP will allow you to generally agree to or reject the processing of your data. However, the CMP also allows you to make more minute choices. If you so wish, you can decide on each purpose and recipient separately. The CMP recognizes you by means of the Cookie. This does not apply if you have deleted the Cookie in the meantime or if it has been deleted due to time lapse. After you have made your choice in the CMP, the CMP will then ensure that this information is forwarded.
Since we and the publishers (website operators) want to offer you the greatest possible freedom of choice, these options are available to you on each individual website and generally only apply to that individual website. We understand that your choice may be different depending on the website operator.
4.2 Use of our opt-out possibility
Independently of the website operators, you can also object directly with us regarding the processing of your data by us. This option is also bound to the Cookie. You can make these settings under the following link: Opt-out.
Your advantage: This choice then applies to all our services for all our customers. However, it only applies to our processing activities and has no effect beyond that. Other contractual partners of the Publisher and its partners are not covered by this choice.
4.3 Deletion or blocking of Cookie IDs
While we have defined the term “Cookie” broadly elsewhere in this document, here we mean the cookie in the technical sense. These explanations therefore only apply if you use a browser and cannot be applied to the use of apps. In addition, these explanations refer to third-party cookies (i.e. those that do not originate from the website operator).
Many browsers already offer you the possibility to handle cookies automatically. They often offer the following options:
- Cookie blocking
- Automated deletion of cookies at a certain time (e.g. after closing the browser).
- Manual deletion at a desired time
The browser you are using may offer additional or different possibilities. In order to make it as easy as possible for you to use these functions, we have put together links to the corresponding instructions or assistance pages of the most frequently used browsers:
- Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
- Chrome: https://support.google.com/accounts/answer/32050
- Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
However, as mentioned above, deleting cookies results in a new cookie being set the next time you visit a website, for which previous choices do not apply. If you want to prevent this completely, you may wish to block the cookies.
4.4 Mobile Advertising ID (MAID)
Unlike those in websites, advertisements displayed in programs (apps) on mobile phones use the so-called MAID to identify the device. This MAID is a unique identifier that is stored on your device and linked by apps. Its use and purpose is otherwise equivalent to a Cookie.
If you wish to object to our use of the MAID, you can do so by clicking on the following link: Opt-out. The app you are using will also provide you with appropriate options. Where these options can be found and how they are designed can vary from app to app.
If you would like to make more fundamental changes with regard to the MAID, there are two main options available to you. You can renew the MAID or block it completely.
For devices running the Apple operating system, you can find this information under preferences, then under privacy, then under advertising. There you have the possibility to limit or reset Ad-Tracking.
If you have a device running the Android operating system, you can usually find these settings under “Settings”, then under “Google” and then “Advertising”.
We are aware that many of the concepts explained here are complicated. Some important answers can therefore be found in the following FAQ:
5.1 Does The Virtual Minds know who I am?
No. Although we make some assumptions about your person, we do not know any directly identifying information about you. We do not know your name, e-mail address, postal address or telephone number. We are also not interested in finding out about them.
5.2 What about my IP address?
We know your IP address, but we only use it in its unabridged form to send your device the ads, or to enable others to do so. Otherwise, we use your IP address only in a highly abbreviated form, which is no longer sufficient to identify you or your device directly.
Just as a side note, let us be clear that it is theoretically possible to identify you by your IP address. However, this is an extremely complex process which, if at all, is only possible in cooperation with your internet service provider (ISP). However, your ISP will only disclose the relevant information on the basis of a court decision. It is therefore not possible for us to identify you by your IP address.
5.3 You say you “personalize” advertising, but then you must know more about me!
The personalization is based on probabilistic assumptions and is therefore only a probability value. The assumptions may or may not apply to you. Often the segments formed are so vague that they apply to a large number of people. For example, if we estimate that you could be between 20 and 28 years old.
5.4 Which cookies are stored on my device, can anyone read these cookies?
A cookie can only be read by the person who set it. This way ADEX can only read its own cookies. The same applies to the website operators. You can easily find out which cookies are stored on your device. You can find this information in the settings of the browser you are using. There you will also find the options for deleting the cookies described in section 4.3.
5.5 I do not want to be shown online advertising, is it enough to block/delete cookies?
5.6 Why is there online advertising at all and what is the benefit of personalized advertising online?
Many providers make their services available to the user free of charge. At the same time these providers often have high costs, relating to employees, the operation of the website and other expenses.
One of the few options available to website operators to finance their services is the possibility of displaying ads. This enables a free, diverse range of services on the Internet that are accessible to everyone, regardless of the financial position of the individual user.
The website operator as well as the advertisers have an interest in showing you the most relevant advertising. As such, the website operator does not want the ads to be perceived as annoying. This is not the case if, for example, the ad is relevant to the user and he does not encounter it too often. For both purposes, however, the companies involved must be able to distinguish one user from another. The Cookies already described serve this purpose.
At the same time, it is important to all parties involved that you have the most precise options possible available to you to determine how your data will be used for advertising purposes. We firmly believe that the acceptance of online advertising depends crucially on you, the recipient, being able to understand and influence the processes behind it.
5.7 Many players are involved in the description. What do these companies do?
Online advertising is a complex industry with many players. But it can be presented in a simple way: There are companies that act on the side of the providers of websites and other digital content and help them to market the advertising inventory, and there are companies that help advertisers to target the ads as accurately as possible.
Content providers usually do not have the technical means to offer and market the advertising inventory themselves, so they work together with an SSP (Supply Side Platform). This supply side platform recognises when a user visits the site and an advertising space is available. At that moment it sends out a corresponding offer.
This offer is received by the DSPs (Demand Side Platform). These DSPs work for advertisers (directly or through an agency). They determine whether the advertising space is interesting to the advertiser. If it is, they place a bid, should several actors place a bid, the highest bidder wins.
All parties involved benefit from having additional information about the users who are currently visiting digital content. Some advertisers therefore collect information about users on their own websites (e.g. when you visit a webshop) with the help of a DMP (Data Management Platform) like the one offered by Virtual Minds . This information can in turn be used by both SSPs and DSPs to determine which user should be advertised to.
Of course, this presentation is a little simplified, but it reflects the basic relationships and functions of the individual participants.